SlideShare une entreprise Scribd logo

Threat Alert: Anonymous Threat on 2014 FIFA World Cup

Radware
Radware

Recently it has been reported that hacktivist group Anonymous intends to attack the 2014 FIFA World Cup, including its partners and sponsors. This threat has gained public attention after an interview with an Anonymous group spokesman provided select details about the planned operation. The Radware Emergency Response Team (ERT) offers the following recommendations for organizations that are affiliated with the 2014 FIFA World Cup. For more from the Radware ERT, please visit: http://security.radware.com/

TechnologieActualités & Politique
1  sur  4
Télécharger pour lire hors ligne
ERT Threat Alert- 2014 FIFA World Cup Threat Alert Anonymous Threat on 2014 FIFA World Cup Emergency Response Team June 6th 2014
ERT Threat Alert- 2014 FIFA World Cup THREAT DETAILS Recently it has been reported in the news that hacktivist group Anonymous intends to attack the 2014 FIFA World Cup including its partners and sponsors. The threat gained public attention after an interview with an Anonymous group spokesman, referring to himself as Che Commondore, provided select details about the planned operation. Che Commondore revealed the socio-political motivation for the attack stating, “In 2014 the world will live the 'Brazilian dream'. It's the country of the World Cup, & blessed for God and beautiful for nature. That it's a beauty! But, what beauty? The World [of] Cup have implicit characters, but this the Government Brazilian choose to hide. When you arrive in Brazil, you tourists, will be surprised by assaults with guns." According to Che Commondore, the group had already hacked into the Brazilian Foreign Ministry's database and released sensitive email data based on the efforts of an individual called AnonManifest. AnonManifest also promised upcoming denial-of-service attacks – Anonymous’ known weapon of choice. A Brazilian Foreign Ministry official told Reuters on Friday that only 55 email accounts were hacked and the only documents that were obtained were attached to emails from the ministry's internal document archive. What’s very important to note here from a technical perspective, is that Anonymous performed a server cracking attack to reach the e-mail servers where they downloaded file attachments to create the first leak. This can subsequently be used to DDoS and shut down accounts, and/or gain access from password hacking/server cracking attempts. Although some information has been disclosed regarding the rationale behind the planned attack, more specific details are less known. It seems Anonymous is learning from prior experiences and now chooses to hold its cards close to the chest. What it is clear is that the hacktivist group has once again chosen a target ripe for exploitation. It is purported that as early as 2005 and 2007 Brazil fell prey to cyber-attacks resulting in major power outages. Thus, another attack does not come unexpected. Fast forward to today, in which Brazil has been beset for months by roiling protests on the games and their alleged drain on an already strained economy. It’s a perfect storm. Anonymous is likely betting on that backdrop to boost support and gain advocates to help them carry out their cyber exploit. The FIFA World Cup as well as the Olympics are such high profile sporting events they are now starting to draw malicious cyber attention. Radware’s ERT has been involved in similar threats dating back to the 2010 Vancouver Winter Olympics, the 2012 London Summer Olympics and the 2014 Sochi Winter Olympics. Per a previous US-CERT Security 2014 Olympic Games advisory the targets were similar to the recent threat. According to the Sochi advisory “Anonymous Caucasus, has launched what appears to be a threat against any company that finances or supports the winter games.” This group has been known in the past to launch DDoS attacks. Radware’s ERT reports that the attempts to attack the Sochi Olympics started long in advance of the games on the Olympic committee’s web site and resources. In summary, Radware’s ERT sees this as evidence of a growing trend whereby high-profile sporting events are the newest ‘hot’ target for cyber maliciousness and attack. The ERT additionally cautions that this could extend to streaming providers and other major entertainment outlets (physical and digital) that will be known to promote such events including cloud or infrastructure-as-a-service (IaaS) providers on which some of the current targets rely. Contained in the next section of this alert are general guidelines for preparation and response for potential targets of this threat.
ERT Threat Alert- 2014 FIFA World Cup TARGETS The following are the partners, sponsors and supports, as stated in the FIFA World Cup site, which are considered under threat. It is possible that more organizations will be added when the attack nears launch.
ERT Threat Alert- 2014 FIFA World Cup INSTRUCTIONS FOR ORGANIZATION Radware’s ERT offers the following recommendations for organizations that appear in the above list or are affiliated with the 2014 FIFA World Cup INSTRUCTIONS BEFORE THE ATTACK  Harden security systems as much as possible especially DoS protection, anti-scanning, and all intrusion protection methods.  Make sure that all security systems will not fail-open under DoS/DDoS attack. Attackers today are known to use Dos/DDoS to overwhelm security devices first, and then carry out other type of attacks.  Closely monitor for any new alert and investigate each one carefully. As admitted by Anonymous, they do test their attack vectors in advance, and this should be used to understand their planned techniques and prepare accordingly. INSTRUCTIONS DURING THE ATTACK  Monitor carefully all security systems, service performance and internet pipe utilization to detect the attack as early as possible.  During DoS attacks continue to monitor carefully all other attacks. Attackers today are known to use Dos/DDoS as a smoke screen.  Monitor for site defacement. INSTRUCTIONS FOR RADWARE AMS CUSTOMERS  Radware customers that appear in the above list or are affiliated with the 2014 FIFA World Cup should contact the ERT (by contacting Radware Technical Support) for assistance with attack preparedness the attack.  Radware customers under attack should contact the ERT immediately via phone to Radware Technical Support to gain immediate service.

Recommandé

Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)
Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)
Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)
Radware
 
DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16
Radware
 
Cyber Security Through the Eyes of the C-Suite (Infographic)
Cyber Security Through the Eyes of the C-Suite (Infographic)Cyber Security Through the Eyes of the C-Suite (Infographic)
Cyber Security Through the Eyes of the C-Suite (Infographic)
Radware
 
What’s the Cost of a Cyber Attack (Infographic)
What’s the Cost of a Cyber Attack (Infographic)What’s the Cost of a Cyber Attack (Infographic)
What’s the Cost of a Cyber Attack (Infographic)
Radware
 
Radware Cloud Security Services
Radware Cloud Security ServicesRadware Cloud Security Services
Radware Cloud Security Services
Radware
 
Radware Hybrid Cloud WAF Service
Radware Hybrid Cloud WAF ServiceRadware Hybrid Cloud WAF Service
Radware Hybrid Cloud WAF Service
Radware
 
The Expanding Role and Importance of Application Delivery Controllers [Resear...
The Expanding Role and Importance of Application Delivery Controllers [Resear...The Expanding Role and Importance of Application Delivery Controllers [Resear...
The Expanding Role and Importance of Application Delivery Controllers [Resear...
Radware
 
The Art of Cyber War [From Black Hat Brazil 2014]
The Art of Cyber War [From Black Hat Brazil 2014]The Art of Cyber War [From Black Hat Brazil 2014]
The Art of Cyber War [From Black Hat Brazil 2014]
Radware
 

Recommandé

Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)
Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)
Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)
Radware
 
DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16DDoS Threat Landscape - Ron Winward CHINOG16
DDoS Threat Landscape - Ron Winward CHINOG16
Radware
 
Cyber Security Through the Eyes of the C-Suite (Infographic)
Cyber Security Through the Eyes of the C-Suite (Infographic)Cyber Security Through the Eyes of the C-Suite (Infographic)
Cyber Security Through the Eyes of the C-Suite (Infographic)
Radware
 
What’s the Cost of a Cyber Attack (Infographic)
What’s the Cost of a Cyber Attack (Infographic)What’s the Cost of a Cyber Attack (Infographic)
What’s the Cost of a Cyber Attack (Infographic)
Radware
 
Radware Cloud Security Services
Radware Cloud Security ServicesRadware Cloud Security Services
Radware Cloud Security Services
Radware
 
Radware Hybrid Cloud WAF Service
Radware Hybrid Cloud WAF ServiceRadware Hybrid Cloud WAF Service
Radware Hybrid Cloud WAF Service
Radware
 
The Expanding Role and Importance of Application Delivery Controllers [Resear...
The Expanding Role and Importance of Application Delivery Controllers [Resear...The Expanding Role and Importance of Application Delivery Controllers [Resear...
The Expanding Role and Importance of Application Delivery Controllers [Resear...
Radware
 
The Art of Cyber War [From Black Hat Brazil 2014]
The Art of Cyber War [From Black Hat Brazil 2014]The Art of Cyber War [From Black Hat Brazil 2014]
The Art of Cyber War [From Black Hat Brazil 2014]
Radware
 
The Real Cost of Slow Time vs Downtime
The Real Cost of Slow Time vs DowntimeThe Real Cost of Slow Time vs Downtime
The Real Cost of Slow Time vs Downtime
Radware
 
Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?
Radware
 
Radware ERT Threat Alert: Shellshock Bash
Radware ERT Threat Alert: Shellshock BashRadware ERT Threat Alert: Shellshock Bash
Radware ERT Threat Alert: Shellshock Bash
Radware
 
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving TheatreThe Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
Radware
 
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance
Mobile Web Stress: Understanding the Neurological Impact of Poor PerformanceMobile Web Stress: Understanding the Neurological Impact of Poor Performance
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance
Radware
 
Emotional Engagement and Brand Perception
Emotional Engagement and Brand PerceptionEmotional Engagement and Brand Perception
Emotional Engagement and Brand Perception
Radware
 
InfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarInfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber War
Radware
 
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
Radware
 
SecureWorld St. Louis: Survival in an Evolving Threat Landscape
SecureWorld St. Louis: Survival in an Evolving Threat LandscapeSecureWorld St. Louis: Survival in an Evolving Threat Landscape
SecureWorld St. Louis: Survival in an Evolving Threat Landscape
Radware
 
In the Line of Fire - The Morphology of Cyber-Attacks
In the Line of Fire - The Morphology of Cyber-AttacksIn the Line of Fire - The Morphology of Cyber-Attacks
In the Line of Fire - The Morphology of Cyber-Attacks
Radware
 
Survival in an Evolving Threat Landscape
Survival in an Evolving Threat LandscapeSurvival in an Evolving Threat Landscape
Survival in an Evolving Threat Landscape
Radware
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber Attacks
Radware
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber Attacks
Radware
 
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
Radware
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber Attacks
Radware
 
SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...
SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...
SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...
Radware
 
Briefing on Recent US Bank Attacks and 2012 Attack Trends
Briefing on Recent US Bank Attacks and 2012 Attack TrendsBriefing on Recent US Bank Attacks and 2012 Attack Trends
Briefing on Recent US Bank Attacks and 2012 Attack Trends
Radware
 
Providing best response times, tightest security and highest availability for...
Providing best response times, tightest security and highest availability for...Providing best response times, tightest security and highest availability for...
Providing best response times, tightest security and highest availability for...
Radware
 
Stock Exchanges in the Line of Fire-Morphology of Cyber Attacks
Stock Exchanges in the Line of Fire-Morphology of Cyber AttacksStock Exchanges in the Line of Fire-Morphology of Cyber Attacks
Stock Exchanges in the Line of Fire-Morphology of Cyber Attacks
Radware
 
Attackers Vs. Defenders: Restoring the Equilibrium
Attackers Vs. Defenders: Restoring the EquilibriumAttackers Vs. Defenders: Restoring the Equilibrium
Attackers Vs. Defenders: Restoring the Equilibrium
Radware
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Gabriella Davis
 

Contenu connexe

Plus de Radware

The Real Cost of Slow Time vs Downtime
The Real Cost of Slow Time vs DowntimeThe Real Cost of Slow Time vs Downtime
The Real Cost of Slow Time vs Downtime
Radware
 
Radware ERT Threat Alert: Shellshock Bash
Radware ERT Threat Alert: Shellshock BashRadware ERT Threat Alert: Shellshock Bash
Radware ERT Threat Alert: Shellshock Bash
Radware
 
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving TheatreThe Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
Radware
 
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance
Mobile Web Stress: Understanding the Neurological Impact of Poor PerformanceMobile Web Stress: Understanding the Neurological Impact of Poor Performance
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance
Radware
 
Emotional Engagement and Brand Perception
Emotional Engagement and Brand PerceptionEmotional Engagement and Brand Perception
Emotional Engagement and Brand Perception
Radware
 
InfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarInfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber War
Radware
 
Attackers Vs. Defenders: Restoring the Equilibrium
Attackers Vs. Defenders: Restoring the EquilibriumAttackers Vs. Defenders: Restoring the Equilibrium
Attackers Vs. Defenders: Restoring the Equilibrium
Radware
 

Plus de Radware (20)

The Real Cost of Slow Time vs Downtime
The Real Cost of Slow Time vs DowntimeThe Real Cost of Slow Time vs Downtime
The Real Cost of Slow Time vs Downtime
 
Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?Cyber Attack Survival: Are You Ready?
Cyber Attack Survival: Are You Ready?
 
Radware ERT Threat Alert: Shellshock Bash
Radware ERT Threat Alert: Shellshock BashRadware ERT Threat Alert: Shellshock Bash
Radware ERT Threat Alert: Shellshock Bash
 
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving TheatreThe Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre
 
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance
Mobile Web Stress: Understanding the Neurological Impact of Poor PerformanceMobile Web Stress: Understanding the Neurological Impact of Poor Performance
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance
 
Emotional Engagement and Brand Perception
Emotional Engagement and Brand PerceptionEmotional Engagement and Brand Perception
Emotional Engagement and Brand Perception
 
InfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber WarInfoSecurity Europe 2014: The Art Of Cyber War
InfoSecurity Europe 2014: The Art Of Cyber War
 
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...
 
SecureWorld St. Louis: Survival in an Evolving Threat Landscape
SecureWorld St. Louis: Survival in an Evolving Threat LandscapeSecureWorld St. Louis: Survival in an Evolving Threat Landscape
SecureWorld St. Louis: Survival in an Evolving Threat Landscape
 
In the Line of Fire - The Morphology of Cyber-Attacks
In the Line of Fire - The Morphology of Cyber-AttacksIn the Line of Fire - The Morphology of Cyber-Attacks
In the Line of Fire - The Morphology of Cyber-Attacks
 
Survival in an Evolving Threat Landscape
Survival in an Evolving Threat LandscapeSurvival in an Evolving Threat Landscape
Survival in an Evolving Threat Landscape
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber Attacks
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber Attacks
 
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security
 
In the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber AttacksIn the Line of Fire-the Morphology of Cyber Attacks
In the Line of Fire-the Morphology of Cyber Attacks
 
SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...
SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...
SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...
 
Briefing on Recent US Bank Attacks and 2012 Attack Trends
Briefing on Recent US Bank Attacks and 2012 Attack TrendsBriefing on Recent US Bank Attacks and 2012 Attack Trends
Briefing on Recent US Bank Attacks and 2012 Attack Trends
 
Providing best response times, tightest security and highest availability for...
Providing best response times, tightest security and highest availability for...Providing best response times, tightest security and highest availability for...
Providing best response times, tightest security and highest availability for...
 
Stock Exchanges in the Line of Fire-Morphology of Cyber Attacks
Stock Exchanges in the Line of Fire-Morphology of Cyber AttacksStock Exchanges in the Line of Fire-Morphology of Cyber Attacks
Stock Exchanges in the Line of Fire-Morphology of Cyber Attacks
 
Attackers Vs. Defenders: Restoring the Equilibrium
Attackers Vs. Defenders: Restoring the EquilibriumAttackers Vs. Defenders: Restoring the Equilibrium
Attackers Vs. Defenders: Restoring the Equilibrium
 

Dernier

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
Delhi Call girls
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 

Dernier (20)

🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Evaluating the top large language models.pdf
Evaluating the top large language models.pdfEvaluating the top large language models.pdf
Evaluating the top large language models.pdf
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 

Threat Alert: Anonymous Threat on 2014 FIFA World Cup

  • 1. ERT Threat Alert- 2014 FIFA World Cup Threat Alert Anonymous Threat on 2014 FIFA World Cup Emergency Response Team June 6th 2014
  • 2. ERT Threat Alert- 2014 FIFA World Cup THREAT DETAILS Recently it has been reported in the news that hacktivist group Anonymous intends to attack the 2014 FIFA World Cup including its partners and sponsors. The threat gained public attention after an interview with an Anonymous group spokesman, referring to himself as Che Commondore, provided select details about the planned operation. Che Commondore revealed the socio-political motivation for the attack stating, “In 2014 the world will live the 'Brazilian dream'. It's the country of the World Cup, & blessed for God and beautiful for nature. That it's a beauty! But, what beauty? The World [of] Cup have implicit characters, but this the Government Brazilian choose to hide. When you arrive in Brazil, you tourists, will be surprised by assaults with guns." According to Che Commondore, the group had already hacked into the Brazilian Foreign Ministry's database and released sensitive email data based on the efforts of an individual called AnonManifest. AnonManifest also promised upcoming denial-of-service attacks – Anonymous’ known weapon of choice. A Brazilian Foreign Ministry official told Reuters on Friday that only 55 email accounts were hacked and the only documents that were obtained were attached to emails from the ministry's internal document archive. What’s very important to note here from a technical perspective, is that Anonymous performed a server cracking attack to reach the e-mail servers where they downloaded file attachments to create the first leak. This can subsequently be used to DDoS and shut down accounts, and/or gain access from password hacking/server cracking attempts. Although some information has been disclosed regarding the rationale behind the planned attack, more specific details are less known. It seems Anonymous is learning from prior experiences and now chooses to hold its cards close to the chest. What it is clear is that the hacktivist group has once again chosen a target ripe for exploitation. It is purported that as early as 2005 and 2007 Brazil fell prey to cyber-attacks resulting in major power outages. Thus, another attack does not come unexpected. Fast forward to today, in which Brazil has been beset for months by roiling protests on the games and their alleged drain on an already strained economy. It’s a perfect storm. Anonymous is likely betting on that backdrop to boost support and gain advocates to help them carry out their cyber exploit. The FIFA World Cup as well as the Olympics are such high profile sporting events they are now starting to draw malicious cyber attention. Radware’s ERT has been involved in similar threats dating back to the 2010 Vancouver Winter Olympics, the 2012 London Summer Olympics and the 2014 Sochi Winter Olympics. Per a previous US-CERT Security 2014 Olympic Games advisory the targets were similar to the recent threat. According to the Sochi advisory “Anonymous Caucasus, has launched what appears to be a threat against any company that finances or supports the winter games.” This group has been known in the past to launch DDoS attacks. Radware’s ERT reports that the attempts to attack the Sochi Olympics started long in advance of the games on the Olympic committee’s web site and resources. In summary, Radware’s ERT sees this as evidence of a growing trend whereby high-profile sporting events are the newest ‘hot’ target for cyber maliciousness and attack. The ERT additionally cautions that this could extend to streaming providers and other major entertainment outlets (physical and digital) that will be known to promote such events including cloud or infrastructure-as-a-service (IaaS) providers on which some of the current targets rely. Contained in the next section of this alert are general guidelines for preparation and response for potential targets of this threat.
  • 3. ERT Threat Alert- 2014 FIFA World Cup TARGETS The following are the partners, sponsors and supports, as stated in the FIFA World Cup site, which are considered under threat. It is possible that more organizations will be added when the attack nears launch.
  • 4. ERT Threat Alert- 2014 FIFA World Cup INSTRUCTIONS FOR ORGANIZATION Radware’s ERT offers the following recommendations for organizations that appear in the above list or are affiliated with the 2014 FIFA World Cup INSTRUCTIONS BEFORE THE ATTACK  Harden security systems as much as possible especially DoS protection, anti-scanning, and all intrusion protection methods.  Make sure that all security systems will not fail-open under DoS/DDoS attack. Attackers today are known to use Dos/DDoS to overwhelm security devices first, and then carry out other type of attacks.  Closely monitor for any new alert and investigate each one carefully. As admitted by Anonymous, they do test their attack vectors in advance, and this should be used to understand their planned techniques and prepare accordingly. INSTRUCTIONS DURING THE ATTACK  Monitor carefully all security systems, service performance and internet pipe utilization to detect the attack as early as possible.  During DoS attacks continue to monitor carefully all other attacks. Attackers today are known to use Dos/DDoS as a smoke screen.  Monitor for site defacement. INSTRUCTIONS FOR RADWARE AMS CUSTOMERS  Radware customers that appear in the above list or are affiliated with the 2014 FIFA World Cup should contact the ERT (by contacting Radware Technical Support) for assistance with attack preparedness the attack.  Radware customers under attack should contact the ERT immediately via phone to Radware Technical Support to gain immediate service.